package org.smart4j.system.security;

import org.smart4j.framework.helper.DatabaseHelper;
import org.smart4j.plugin.security.SmartSecurity;

import java.util.Set;

/**
 * Created by Wangminze on 2017/1/7.
 * Description:应用安全控制
 */
public class AppSecurity implements SmartSecurity {
    @Override
    public String getPassword(String username) {
        String sql = " SELECT password FROM t_user WHERE username = ? ";
        return DatabaseHelper.query(sql,username);
    }

    @Override
    public Set<String> getRoleNameSet(String username) {
        String sql = " SELECT r.role_name FROM t_user u, t_user_role ur, t_role r " +
                " where u.id = ur.user_id AND r.id = ur.role_id AND u.username = ?";
        return DatabaseHelper.querySet(sql, username);
    }

    @Override
    public Set<String> getPermissionNameSet(String roleName) {
        String sql = "SELECT p.permission_name FROM t_role r, t_role_permission rp, " +
                "t_permission p WHERE r.id = rp.role_id AND p.id = rp.permission_id AND " +
                "r.role_name = ?";
        return DatabaseHelper.querySet(sql, roleName);
    }
}
